OSVDB ID: 81269

Title: Comodo Internet Security kernel ImageBase Executable Handling Remote DoS

Info

Disclosure

Mar 12, 2012

Discovery

Unknown

Dates

Exploit

Apr 19, 2012

Solution

Mar 12, 2012

Description

Comodo Internet Security contains a flaw that may allow a remote denial of service. The issue is triggered when handling executables with that contain kernels with imagebase values, and will result in loss of availability for the program.

Classification

Location: Local / Remote, Context Dependent
Attack Type: Denial of Service
Impact: Loss of Availability
Solution: Upgrade
Exploit: Exploit Public
Disclosure: Vendor Verified, Coordinated Disclosure

Solution

Upgrade to version 5.10 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Comodo Group, Inc.

Comodo Internet Security

5.9.221665.2197

References

Security Tracker: 1026982
CVE ID: 2012-2273 (see also: NVD)
Secunia Advisory ID: 48928
Packet Storm: http://packetstormsecurity.org/files/112018/Comodo-Internet-Security-Blue-Screen-Of-Death.html
Mail List Post: http://seclists.org/bugtraq/2012/Apr/138
Vendor Specific News/Changelog Entry: http://www.comodo.com/home/download/release-notes.php?p=anti-malware

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/81269